Report: Technical Glitch Takes ICMBs Offline

A report in The Atlantic claims that a technical glitch at Warren Air Force Base in Wyoming took 50 nuclear intercontinental ballistic missiles (ICBMs) offline for around 45 minutes on Saturday – a serious breach of national security.  

A report in The Atlantic claims that a technical glitch at Warren Air Force Base in Wyoming took 50 nuclear intercontinental ballistic missiles (ICBMs) offline for around 45 minutes on Saturday – a serious breach of national security.  

The causes of the disruption are still in dispute, but the loss of contact was serious enough to warrant a Presidential briefing, according to the Atlantic. 

The report, which appeared on Tuesday, originally attributed the loss of contact with the cluster of ICMBs to a loss of power. However, the story has been corrected to remove references to a power outage and replace it with the term “engineering failure.”

A similar report, on Wired.com, attributed the loss of contact with the ICMBs to a “hardware failure” that “snarled communications on the network that links the five launch control centers and 50 silos of the 319th Missile Squadron.”

According to The Atlantic report, the faulty equipment appears to be a  launch control center computer (LCC) that began to “ping” out of sequence,” resulting in a surge of “noise” through the system, as the missiles managed by the LCCs noted the out of sequence pings and issued their own error messages.

Missileers at the site eventually resorted to a well-tested method to fix the problem: rebooting all five LCCs connected to their launch center. The reboots worked, but left the missileers temporarily out of contact with the 50 missiles. The malfunctioning LCC was left offline. 

Calls to the U.S. Air Force’s Global Strike Command by Threatpost were not immediately returned. 

The incident first came to light after a Twitter post by John Noonan, a policy advisor for the Foreign Policy Initiative and sometime contributor to the conservative publication The Weekly Standard.

On Tuesday, Noonan tweeted that President Obama was being briefed on an incident at Warren AFB in which contact was lost with 50 ICBMs. Noonan is a former Captain in the United States Air Force who was stationed at Warren with the 321st Missile Squadron, 90th Operations Group. He has written about the need for modernizing the U.S.’s nuclear arsenal, a key conservative condition for Republican Senators backing for a new arms control treaty with Russia. 

While the cause of the disruption has still not been made public, the issue of critical infrastructure security, including the security of the nation’s military and defense networks, has been much in the news in recent months. The recent outbreak of the Stuxnet worm put the spotlight on vulnerabilities within hardware used to control power generation and nuclear facilities, and raised the specter of state sponsored hacking. More recently, at the ToorCon security conference in San Diego on Saturday, Jeremy Brown of Tenable security said that SCADA software vendors are still woefully ignorant of modern security principles and need to invest far more in pre-release testing and patch management. 

Suggested articles

Flaw in Core IE 8 Component Could Enable Remote Attacks

There’s an unpatched vulnerability affecting Internet Explorer 8 running on most current versions of Windows that could give attackers the ability to run code on remote machines. The flaw is a memory leak that gives attackers key information on the location of a specific address in memory, even with memory protections such as ASLR enabled.

XSS Flaw Found in Twitter

A Twitter user has demonstrated a cross-site scripting (XSS) vulnerability on
the microblogging platform that could allow an attacker to take over
users’ accounts or spread malware. Read the full article. [Secure Computing]

Apache Web Server Has Serious Vulnerability

Apache’s HTTP web server has a flaw that enables remote server access and total control of a database, according to a security researcher. Read the full article. [ZDNet Australia]